Tag: cell

The vCloud Director architecture consists of multiple cells that share a common database. The upgrade process involves shutting down services on all cells, upgrading them, upgrading the database and starting the cells. In large environments with three or more cells this can be quite labor intensive.

vCloud Director 8.20 brings a new feature: an orchestrated upgrade. All cells and the vCloud database can be upgraded with a single command from the primary cell VM. This brings two advantages. Simplicity: it is no longer necessary to log in to each cell VM, upload binaries and execute the upgrade process manually. Availability: downtime during the upgrade maintenance window is reduced.

Prerequisites

Set up SSH private key login from the primary cell to all other cells in the vCloud Director instance for the user vcloud.

Copy the public key to the authorized_keys file on each additional cell in the instance. This can be done with a one-line command run from the primary cell or with ssh-copy-id. Use the IP/FQDN the cell is registered with in VCD.

The new vCloud Director 8.10 (read eight dot ten) is out and with it some neat little features. Let me quickly talk about one of them: the ability to run a vCloud Director cell with just 1 IP address.

In the past you always had to configure a vCloud Director cell with at least two IP addresses: one for the web interface (providing UI and API) and the other for the remote console proxy. The reason was that both services shared the same port 443. In vCloud Director 8.10 it is possible to specify ports for each service and thus use just one IP address. This helps if your DMZ subnet is too small and you need to deploy more VMs into that network (more cells, databases, etc.).

Note that the configure script will not ask you for ports; instead you need to use the unattended installation option or add port entries afterward in the global.config file.

Unattended Installation

Here is an example of configure parameters that set the console proxy to the same IP address as http (10.0.1.60) and use port 8443 instead of the standard 443:

In vCloud Director 8.0 many enhancements were made to enable unattended installation. This is useful for eliminating manual steps to speed up the installation process, as well as for ensuring identical configuration among multiple vCloud Director instances.

Let’s say the provider needs to deploy multiple vCloud Director instances, each consisting of multiple cells. Here is the process in high-level steps.

Unattended Installation of Additional Cells

vCloud cells are stateless; all necessary information is in the vCloud database. All we need is the responses.properties file from the first cell, which contains the necessary encrypted information on how to connect to the database.

I just learned from engineering a neat trick related to how the cell management tool can be invoked without specifying administrator credentials.

The issue is that currently you cannot use an LDAP account to trigger cell management tool commands, which are mostly used for quiescing and shutting down cells for maintenance. Using the vCloud Director local administrator account is discouraged as it poses a security issue. However, it is possible to trigger the cell management tool as root (or with sudo) and supply the process ID of the java process via the hidden -i flag.

Here is an example:

First I query the java PID with the ps aux command. Then I use the standard cell-management-tool command without specifying the user, with the -i flag at the end.

So you can force the administrator to log in to the cell guest OS via an LDAP account and then run the command with sudo.

Thank you Zachary Shepherd for the tip.

Update 9/28/2016:

Georgi provided a great tip in the comments. As the PID is written in var/run/vmware-vcd-cell.pid you can actually run a one-liner.
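
A small wrapper around the PID-file approach described in the post above, as an added example that is not part of the original post or of Georgi's comment. It validates the PID file before handing the value to the tool with `-i`. The install path of `cell-management-tool`, the absolute form of the PID file path and the `cell --status` subcommand in the usage line are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Assumed, not stated on the page:
# the tool's install path, the absolute form of the PID file path, and the
# "cell --status" subcommand in the usage line.
VCD_PID_FILE="${VCD_PID_FILE:-/var/run/vmware-vcd-cell.pid}"
CMT="${CMT:-/opt/vmware/vcloud-director/bin/cell-management-tool}"

# Print the PID from the given file if it is a plain positive integer that
# names a live process. Returns 1 (unreadable), 2 (malformed) or 3 (stale).
read_cell_pid() {
    pid_file="$1"
    [ -r "$pid_file" ] || { echo "cannot read $pid_file" >&2; return 1; }
    pid=""
    read -r pid < "$pid_file" || true   # tolerate a missing trailing newline
    case "$pid" in
        ''|0*|*[!0-9]*) echo "malformed PID in $pid_file" >&2; return 2 ;;
    esac
    # kill -0 sends no signal; it only checks that the process exists.
    kill -0 "$pid" 2>/dev/null || { echo "stale PID $pid" >&2; return 3; }
    printf '%s\n' "$pid"
}

# Run a cell-management-tool command for the local cell, appending -i <pid>
# so that no vCloud Director administrator credentials are needed.
cell_cmd() {
    pid=$(read_cell_pid "$VCD_PID_FILE") || return $?
    "$CMT" "$@" -i "$pid"
}

# Usage (as root or via sudo): ./vcd-cell.sh cell --status
if [ "$#" -gt 0 ]; then
    cell_cmd "$@"
fi
```

Granting sudo rights on a wrapper like this, rather than on a general shell, keeps the LDAP-authenticated operator limited to cell management commands.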